Standardize all of the AWS credentials

2019-10-02 11:34:51 -04:00 · 2019-10-02 11:34:51 -04:00 · cc3de11e54
commit cc3de11e54
parent 686ef55e40
2 changed files with 38 additions and 11 deletions
--- a/atst/domain/csp/cloud.py
+++ b/atst/domain/csp/cloud.py
@ -492,8 +492,8 @@ class AWSCloudProvider(CloudProviderInterface):

            self.boto3 = boto3

-    def root_creds():
-        return {"username": self.access_key_id, "password": self.secret_key}
+    def root_creds(self):
+        return {"AccessKeyId": self.access_key_id, "SecretAccessKey": self.secret_key}

    def create_environment(
        self, auth_credentials: Dict, user: User, environment: Environment
@ -503,9 +503,7 @@ class AWSCloudProvider(CloudProviderInterface):

        # Create an account. Requires organizations:CreateAccount permission
        account_request = org_client.create_account(
-            Email=user.email,
-            AccountName=uuid4().hex,
-            IamUserAccessToBilling="ALLOW",
+            Email=user.email, AccountName=uuid4().hex, IamUserAccessToBilling="ALLOW"
        )

        # Configuration for our CreateAccount Waiter.
@ -618,8 +616,8 @@ class AWSCloudProvider(CloudProviderInterface):
            "AccessKey"
        ]
        credentials = {
-            "key": access_key["AccessKeyId"],
-            "secret_key": access_key["SecretAccessKey"],
+            "AccessKeyId": access_key["AccessKeyId"],
+            "SecretAccessKey": access_key["SecretAccessKey"],
        }

        # TODO: Create real policies in account.
@ -674,13 +672,13 @@ class AWSCloudProvider(CloudProviderInterface):
        A helper for creating a client of a given AWS service.
        """
        credentials = credentials or {
-            "aws_access_key_id": self.access_key_id,
-            "aws_secret_access_key": self.secret_key,
+            "AccessKeyId": self.access_key_id,
+            "SecretAccessKey": self.secret_key,
        }
        return self.boto3.client(
            service,
-            aws_access_key_id=credentials["aws_access_key_id"],
-            aws_secret_access_key=credentials["aws_secret_access_key"],
+            aws_access_key_id=credentials["AccessKeyId"],
+            aws_secret_access_key=credentials["SecretAccessKey"],
            region_name=self.region_name,
        )

--- a/tests/domain/cloud/test_aws_csp.py
+++ b/tests/domain/cloud/test_aws_csp.py
@ -1,6 +1,11 @@
 import pytest

 from atst.domain.csp.cloud import EnvironmentCreationException
+from atst.jobs import (
+    do_create_environment,
+    do_create_atat_admin_user,
+    do_create_environment_baseline,
+)

 # pylint: disable=unused-import
 from tests.mock_boto3 import mock_aws, mock_boto3, AUTH_CREDENTIALS
@ -63,3 +68,27 @@ def test_create_environment_baseline_when_policy_already_exists(mock_aws):
        AUTH_CREDENTIALS, "csp_environment_id"
    )
    assert "policies" in baseline_info
+
+
+def test_aws_provision_environment(mock_aws, session):
+    environment = EnvironmentFactory.create()
+
+    do_create_environment(mock_aws, environment_id=environment.id)
+    do_create_atat_admin_user(mock_aws, environment_id=environment.id)
+    do_create_environment_baseline(mock_aws, environment_id=environment.id)
+
+    session.refresh(environment)
+
+    assert "account-id" == environment.cloud_id
+    assert {
+        "id": "user-id",
+        "username": "user-name",
+        "credentials": {
+            "AccessKeyId": "access-key-id",
+            "SecretAccessKey": "secret-access-key",
+        },
+        "resource_id": "user-arn",
+    } == environment.root_user_info
+    assert {
+        "policies": [{"BillingReadOnly": "policy-arn"}]
+    } == environment.baseline_info